CVE-2021-28310
Win32k Elevation of Privilege Vulnerability
Vexday Risk Score
71High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7.8EPSS 8.3%KEV simPoC públicaNuclei —Metasploit —Patch —
Lifecycle
13 Apr 2021Published on NVD
14 Apr 2021Public PoC
03 Nov 2021Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A flaw in Windows' graphical interface system (Win32k) allows an attacker with basic user access to gain administrator privileges on the computer. This is dangerous because it lets someone take complete control of the system.
Technical detail
CWE-787 (out-of-bounds write) in Win32k kernel component allows local privilege escalation when a user with standard privileges crafts malicious input that triggers a memory write beyond buffer boundaries, enabling execution with elevated system permissions.
Summary generated and translated by AI from the official description.
Win32k Elevation of Privilege Vulnerability
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Affected products
Microsoft · Windows 10 Version 1803Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1909Microsoft · Windows 10 Version 2004Microsoft · Windows 10 Version 20H2Microsoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server, version 1909 (Server Core installation)Microsoft · Windows Server version 2004Microsoft · Windows Server version 20H2public PoCs found — 1
githubgithub.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →